SCADA systems are more at risk for a couple of reasons: The SCADA industry, in general, is at least a few years behind the software industry in writing secure code. The worst vendors have products with products with hard-coded administrative passwords that cannot be changed. Legacy systems are often the culprit, but as the Stuxnet worm showed last year, even modern SCADA Systems are vulnerable. Most contain old versions of OSes (such as Windows 3.1 and NT) and software, with aged, publicly known exploits; they also tend to have easy-to-find security bypasses.”]
Source: https://www.csoonline.com/article/2621479/doomed-by-default-passwords.html